Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
13,116 exploits
GitHub PoC
One-command scanner for the Mini Shai-Hulud npm supply-chain worm (CVE-2026-45321). Detect before rotating tokens.
Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
78RISK
open ↗GitHub PoC
POC for CVE-2026-30950 which allows session hijacking in AutoGpt
AutoGPT has Authenticated Session Hijacking via IDOR
41RISK
open ↗GitHub PoC
A small script to apply Yellowkey mitigation based on CVE-2026-45585 instructions
Windows BitLocker Security Feature Bypass Vulnerability
33RISK
open ↗GitHub PoC★ 3
CVE-2026-42945 - NGINX Rift Toolkit
NGINX ngx_http_rewrite_module vulnerability
60RISK
open ↗GitHub PoC
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
rxrpc: fix oversized RESPONSE authenticator length check
41RISK
open ↗GitHub PoC
The code for personally reproducing the corresponding vulnerability
LiteLLM: Authenticated command execution via MCP stdio test endpoints
100RISK
open ↗GitHub PoC
fevar54/FULL-ANALYSIS---CVE-2026-45829-ChromaDB-
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an un
53RISK
open ↗GitHub PoC★ 2
A Go implementation of fragnesia (CVE-2026-46300)
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open ↗GitHub PoC★ 1
CVE-2026-2587 PoC validator for Eclipse GlassFish EL Injection RCE in the admin console gadget.jsf handler. Safe authenticated vulnerability scanner for authorized testing.
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used
48RISK
open ↗GitHub PoC
Maxime288/Fragnesia-CVE-2026-46300
net: skbuff: preserve shared-frag marker during coalescing
41RISK
open ↗GitHub PoC
Se realizó una evaluación de vulnerabilidades sobre una máquina virtual con Kali Linux utilizando un script detector para la vulnerabilidad Dirty Frag, asociada a las CVE-2026-43284 y CVE-2026-43500. Posteriormente se ejecutó un Proof of Concept (PoC) público escrito en lenguaje C para validar la posibilidad de realizar una escalada local
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
Exploit for CVE-2026-41651 - PackageKit TOCTOU Local Privilege Escalation (Pack2TheRoot)
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
41RISK
open ↗GitHub PoC
POC_CVE-2026-35037
Ech0 affected by unauthenticated SSRF in GetWebsiteTitle allows access to internal services and cloud metadata
41RISK
open ↗GitHub PoC
MGTx2/CVE-2026-39107
A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails
33RISK
open ↗GitHub PoC
Exploit for DirtyDecrypt - CVE-2026-31635 Local Privilege Escalation
rxrpc: fix oversized RESPONSE authenticator length check
41RISK
open ↗GitHub PoC
A Go implementation of dirtyfrag (CVE-2026-43284 / CVE-2026-43500)
xfrm: esp: avoid in-place decrypt on shared skb frags
78RISK
open ↗GitHub PoC
a24ac1/CVE-2026-0740
Ninja Forms - File Upload <= 3.3.26 - Unauthenticated Arbitrary File Upload
75RISK
open ↗GitHub PoC★ 1
CVE-2026-34474: unauthenticated ETHCheat=1 requests leak the admin password and Wi-Fi PSK from ZTE H298A/H108N routers.
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to
46RISK
open ↗GitHub PoC
Shell scanner for CVE-2026-31431 "Copy Fail" — a local privilege escalation via Linux kernel page cache corruption (algif_aead/AF_ALG). Checks kernel version, patch status, module state, setuid exposure and mitigations. Supports Debian 11–13 and Ubuntu 20.04–25.10. CI/CD-ready (exit codes + JSON output).
crypto: algif_aead - Revert to operating out-of-place
100RISK
open ↗GitHub PoC
rufflabs/CVE-2026-36748
RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile.
48RISK
open ↗GitHub PoC
anonmrc/CVE-2026-34486-e-Tomcat-Tribes
Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor
61RISK
open ↗GitHub PoC
Exploit code for CVE-2026-42096 and CVE-2026-42097 allowing for arbitrary SQL command execution without authentication.
Broken Access Control in Sparx Pro Cloud Server
41RISK
open ↗GitHub PoC
CVE-2026-30691: Stored Cross-Site Scripting (XSS) in @cyntler/react-doc-viewer
Cross-Site Scripting (XSS) vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitra
33RISK
open ↗GitHub PoC★ 1
POC_CVE-2026-45185 for nuclei-templates
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing p
48RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.